The plugin WX Form Management was closed on the Plugin Directory on September 3. No reason has been given for the closure. In the last day a new version has submitted to the Plugin Directory with the changelog “Input sanitization and security update for WordPress compatibility”. Looking at the changes made in that we found there previously was an authenticated persistent cross-site scripting (XSS) vulnerability in the plugin.

…

[Read more]